Hi, Am 02.08.2022 um 15:32 schrieb lol lol via FreeIPA-users:
Hello, I'd like to run IPA server in a vm and at the same time use the host OS as an IPA client for a uniform set-up of DNS, NTP, SSO etc across the board.
I'm running something similar here: FreeIPA in a docker container, the host running the container is an IPA client.
I have a replica but let's imagine that I don't. So I have only one IPA server running on as a guest on an IPA client host. I imagine that I would encounter issues at start-up since IPA client services should start AFTER the VM is up and running.
I don't see any problems here as long as I don't do anything that needs KRB5 tokens and/or user data until after the container is up and running properly.
What would be your recommendation of going about it? Should I start libvirt before IPA client services in boot chain (and what exact services?) and then sleep long enough so that VM has the time to start? Or maybe be I should just restart some IPA client services after booting?
I don't really need any of that here, and it *does* take up to 5 minutes after boot until the ipa server is actually responsive (old, cripply hardware).
The only problem I have here is that I had to move my SMB server to a different host - SMB as ipa client with the SMB/IPA/AD Controller inside a container on the same host gave me any number of certificate- and KRB5-related headaches.
cheers MH -- Mathias Homann [email protected] Jabber (XMPP): [email protected] IRC: [Lemmy] on freenode and ircnet (bouncer active) keybase: https://keybase.io/lemmy gpg key fingerprint: 8029 2240 F4DD 7776 E7D2 C042 6B8E 029E 13F2 C102 _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
